[Kolab-devel] [issue3143] invalid keys are accepted by KMail (certmanager/lib/ui/keyselectiondialog.cpp)

Bernhard Reiter kolab-issues at intevation.de
Tue Oct 14 16:26:11 CEST 2008 

New submission from Bernhard Reiter <bernhard at intevation.de>:

There is code in 
@svn.kde.org/home/kde/branches/kdepim/enterprise/kdepim/certmanager/lib/ui/keyselectiondialog.cpp

static bool checkKeyUsage( const GpgME::Key & key, unsigned int keyUsage ) {

  if ( keyUsage & Kleo::KeySelectionDialog::ValidKeys ) {
    if ( key.isInvalid() )
      kdDebug() << "key is invalid - ignoring" << endl;
    if ( key.isExpired() ) {
      kdDebug() << "key is expired" << endl;
      return false;
    } else if ( key.isRevoked() ) {
      kdDebug() << "key is revoked" << endl;
      return false;
    } else if ( key.isDisabled() ) {
      kdDebug() << "key is disabled" << endl;
      return false;
    }
  }

Where does this "ignoring" come from?
Invalid keys should not be used I guess.
This code section has not been changed in a long while,
I do have the problem that with Kontact Version 1.2.9 (enterprise35 
20081003.867492) a key that does not work in
LANG=C gpgsm -vv -e -r bernhard at intevation.de x >x.enc
gpgsm: can't encrypt to `bernhard at intevation.de': Not trusted

because it is invalid
LANG=C gpgsm --with-colons --with-validation --list-keys bernhard at intevation.de
gpgsm: DBG: connection to dirmngr established
BUG: trying to release an already released cert
/home/etch3/.gnupg/pubring.kbx
------------------------------
crt:i:2048:1:3B85F74F46C65E78:20080619T084325:20100619T084325:06::CN=ZS 
8,O=Intevation GmbH,C=DE::escESC:
fpr:::::::::9CF8E2A00B1EE4BF02662A693B85F74F46C65E78:::0CBB157CBE5ACD8F343DBA0AEAE22FA0BD659BB2:
uid:i::::::::CN=Bernhard Reiter,O=Intevation GmbH,C=DE::
uid:i::::::::<bernhard at intevation.de>::

does not produce any warning anymore.
This must have been a recent change, so it probably is not
related to this code section. Still this section and its debugging
output smells so I would want a explanation.

Compare to kolab/issue2976 (Irritating trust warning when selecting keys for 
encryption)

----------
assignedto: till
messages: 17099
nosy: bernhard, bh, marc, till
priority: critical
status: unread
title: invalid keys are accepted by KMail (certmanager/lib/ui/keyselectiondialog.cpp)
topic: kde client, prokde35
___________________________________________________
Kolab issue tracker <kolab-issues at intevation.de>
<https://www.intevation.de/roundup/kolab/issue3143>
___________________________________________________

More information about the devel mailing list